<?php
require_once("header.php");


if(isset($_GET['file']))
{
	$fileCode = makesafe(safeGet($_GET['file']));
	$file = getFileIdByFileCode($fileCode);
	$template->assign('file', $file); 
	$template->assign('fileCode', $fileCode);    	
	$template->assign('file_name', getFileNameById($file));    	
	if(!getFilenameById($file) || empty($file))
	{
         $template->assign('invalid_file', "Invalid file id.");		
		 $template->display('report.tpl.php');
		 return;
	}
		
}

if(isset($_POST['submit']))
{
	

	$name = makesafe($_POST['name']);
	$email = makesafe($_POST['email']);
	
	$ip = getIP();
	$msg = makesafe($_POST['message']);
	$code = makesafe($_POST['code']);
	$template->assign('file_name', getFileNameById($file));    	
	$template->assign('fileCode', $fileCode); 
	$template->assign('file', $file); 
	$template->assign('name', $name); 
	$template->assign('email', $email); 
	$template->assign('msg', $msg); 	
	

	
	
	if(!getFilenameById($file) || empty($file))
	{
         $template->assign('invalid_file', "Invalid file id.");		
		 $template->display('report.tpl.php');
		 return;
	}
	

	
	
	if(empty($name))
	{
         $template->assign('error_msg', "Please enter your name.");		
		 $template->display('report.tpl.php');
		 return;		
	}
	
	if(empty($email) || !validEmail($email))
	{
         $template->assign('error_msg', "Please enter your valid email address.");		
		 $template->display('report.tpl.php');
		 return;		
	}	
	
	if(empty($msg))
	{
         $template->assign('error_msg', "Please write your message for this report.");		
		 $template->display('report.tpl.php');
		 return;
		
	}
	
	
	if(strcasecmp($_SESSION['securityCaptcha'], $code) != 0)
	{
		        $error = "Invalid security code.";
				$template->assign('error_msg', $error);
				$template->display("report.tpl.php");
				return;
	}		
			
	

	
	if(mysql_query("INSERT INTO file_reports VALUES (NULL, '$name', '$email', '$file', '$msg', '$ip', NOW())"))
	{
		
            $msg = "File ID: $file<br /> ".$msg." <br />-------------------------------------------<br />Sender's Name is $name<br />
			Sender's Email Address is $email";
			$msg = nl2br($msg);			
		
         $mail = new Email(ADMIN_EMAIL, "File Reported", $msg, 1);
         $mail->sendMail();
   		

		 $template->assign('success_msg', "Report has been sent successfully.");		
		 $template->display('report.tpl.php');
		 return;

	}else
	{
		
		 $template->assign('error_msg', "An error occured while sending report, please try later.");		
		 $template->display('report.tpl.php');
		 return;
		
	}
	
	
}else
{
    $template->display("report.tpl.php");
}
?>